<%@ page pageEncoding="UTF-8"%>
<%@ include file="/common/validate.jsp"%>
<%@ include file="/common/sms.jsp"%>
<%@ include file="/common/message.jsp"%>
<%!
  // 根据手机验证码找回密码
  public Message findPasswordByPhone(String code, String password, Integer type, Integer hospital, String phone) {
    Message msg = validateSms(phone, code, BACKPWD_SMS, hospital);
    if (msg.getErrcode() != 0)
      return msg;
    List<User> list = QBuilder.db("basedb").select().from("User").where(new Where("hospital=", hospital).and("phone=", phone).and("type=", type).and("status=", STATUS_ENABLE)).query().getResultObj();
    if (isEmpty(list)) {
      return new Message(30031, "用户不存在");
    }
    User user = list.get(0);
    user.setPassword(password);
    // 修改user中的密码
    DBTools.db("basedb").modItem(user, user.getId());
    // 修改密码后删除所有设备登录的token
    QBuilder.db("basedb").execHQL("delete from Token where hospital = "+ hospital +" and uid = " + user.getId() );
	//createMsg(user.getId(), hospital, "密码找回通知", "系统通知", "", SYSTEMINFO);
    return new Message(0, "密码已成功找回，请重新登录");
  }
%>
<%
  String phone = input.getDesc("phone", "");
  String password = input.getDesc("password");
  if (!"".equals(phone)) {
    String code = input.getDesc("code");
    Integer type = input.getInt("type");
    msg = findPasswordByPhone(code, password, type, hospital, phone);
  }
  Tools.encryptPrint(out, msg);
%>
